Orpak SiteOmat OrCU Code Injection Vulnerability

Orpak SiteOmat OrCU Code Injection Vulnerability

CVE-2017-14853 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device.

Learn more about our Web Application Penetration Testing UK.